Contents

  1. history
https://nlnetlabs.nl/projects/unbound/security-advisories/

/CVE

Novel "ghost domain names" attack by updating almost expired delegation information Date: 2022-08-01 CVE: CVE-2022-30699

From version 1.16.2 on, Unbound stores the start time for a query and uses that to decide if the cached delegation information can be overwritten.

Novel "ghost domain names" attack by introducing subdomain delegations Date: 2022-08-01 CVE: CVE-2022-30698

Unbound is a child-centric resolver,

From version 1.16.2 on, Unbound checks the validity of parent delegation records 
before using cached delegation information.

1. history


CategoryDns CategoryWatch CategoryTemplate

Moin2Qmail: DNS/実装/unbound/1.16.2 (last edited 2022-08-01 22:03:34 by ToshinoriMaeno)